Hello! while trying this new soft to replace the ``old'' xdm, I found out
that if a wrong passwd is supplied, gdm will answer with a ``incorrect
password'' message. So I tried to log in as an inexistent user ... the
result was "user unknown". The vulnerabilty seems trivial to me.
The version tested was gdm-2.0beta4.
Best regards.
Cervi~no Ulises
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
...............................................................................
"Contrary to popular opinion, Unix is user friendly, It just happens to be
very selective about who it makes friends with."
